4 matches found

RedhatCVE
added 2025/12/09 12:51 a.m., 3 views

CVE-2025-64715

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.16.17, 1.17.10, and 1.18.4, CiliumNetworkPolicys which use egress.toGroups.aws.securityGroupsIds to reference AWS security group IDs that do not exist or are not attached to any network...

CVSS 5.5, AI score 6.7, EPSS 0.00161
Exploits: 0, References: 1
OSV
added 2025/12/02 11:35 a.m., 6 views

BIT-CILIUM-OPERATOR-2025-64715 Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.16.17, 1.17.10, and 1.18.4, CiliumNetworkPolicys which use egress.toGroups.aws.securityGroupsIds to reference AWS security group IDs that do not exist or are not attached to any network...

CVSS 5.5, AI score 6.7, EPSS 0.00161
Exploits: 0, References: 6
OSV
added 2025/12/01 6:59 p.m., 4 views

GHSA-38PP-6GCP-RQVM Cilium with misconfigured toGroups in policies can lead to unrestricted egress traffic

Impact CiliumNetworkPolicys which use egress.toGroups.aws.securityGroupsIds to reference AWS security group IDs that do not exist or are not attached to any network interface may unintentionally allow broader outbound access than intended by the policy authors. In such cases, the toCIDRset sectio...

CVSS 4, AI score 6.8, EPSS 0.00161
Exploits: 0, References: 7
SUSE CVE
added 2024/11/02 3:49 a.m., 7 views

SUSE CVE-2024-47825

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Starting in version 1.14.0 and prior to versions 1.14.16 and 1.15.10, a policy rule denying a prefix that is broader than /32 may be ignored if there is a policy rule referencing a more narrow prefix CIDRSe...

CVSS 8.7, AI score 6.8, EPSS 0.00391
Exploits: 0, References: 5